Hello Karsten:

Thanks for the reply.  I thought the purpose of adding the

'whitelist_bounce_relays mailserver_name.com'

in local.cf was so that SA could assign a higher score to bounces that never originated at your own mailserver. Thereby identifying return address forgery.


At 02:04 PM 4/6/2008, Karsten Bräckelmann wrote:
On Sun, 2008-04-06 at 13:19 -0400, Jeff Koch wrote:
> Maybe I'm doing something wrong but the bounces we receive are getting
> extremely low scores. My understanding was that by enabling VBounce in the
> V3.2.4 config's and by adding:
>
> whitelist_bounce_relays mailserver_name.com
>
> we would have a shot at filtering out bounces. Instead we are seeing very
> low bounces scores:

The goal of VBounce is to *identify* and spot backscatter, not to flag
it as spam. Actually, IIRC it's stated intention is, to treat back-
scatter differently from spam, because (strictly) it is not.

>          *  0.1 BOUNCE_MESSAGE MTA bounce message
>          *  0.1 ANY_BOUNCE_MESSAGE Message is some kind of bounce message
>
> A scoring of 0.2 does little. Here's the full header. If anyone can help
> explain what we're doing wrong or should change I'd appreciate it.

$ grep -A 2 procmail /usr/share/spamassassin/20_vbounce.cf

# If you use this, set up procmail or your mail app to spot the
# "ANY_BOUNCE_MESSAGE" rule hits in the X-Spam-Status line, and move
# messages that match that to a 'vbounce' folder.

  guenther


--
char *t="[EMAIL PROTECTED]";
main(){ char h,m=h=*t++,*x=t+2*h,c,i,l=*x,s=0; for (i=0;i<l;i++){ i%8? c<<=1:
(c=*++x); c&128 && (s+=h); if (!(h>>=1)||!t[s+h]){ putchar(t[s]);h=m;s=0; }}}

Best Regards,

Jeff Koch, Intersessions

Reply via email to